GeeCON Prague 2014*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Session and cookies Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Session and cookies" Watch "Session and cookies" New topic
Author

Session and cookies

Dragos Nica
Ranch Hand

Joined: Oct 25, 2009
Posts: 39
Hello rancers,

I'm learning about sessions and cookies and I'm doing many examples in order to understand better.
I know that sessions and cookies are two things completely different, I know that sessions are "server side"

As we know when we want to create a new sessions we use request.getSession() and the container takes care of the rest ( creates a new session if one doesn't already exist, create a cookie and puts the session into the cookie, and then adds the cookie to the response object.

My question is how can we set the age for the cookie that contain the information about session id ? Is that possible? all this work is done by the container.
I know that the default age for a cookie is -1 that means that cookie will be deleted when the browser is closed.

The scenario that I tied is the following:
- in the servlet I put
HttpSession sess = request.getSession()
sess.setMaxInactiveInterval(5*60);

the container takes care for creating the session and adding the session Id to a cookie.
The session will be active on the server for 5 minutes.

If I close the browser and open it again the cookie that contain the sessionId information is deleted (but on the server side the session is still active 5 minutes)
How can I set the maxAge for the cookie thus it should "persisit" when I close the browser?



SCJP 6.0 (88%)
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9303
    
  17

Check out this discussion...


SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
Dragos Nica
Ranch Hand

Joined: Oct 25, 2009
Posts: 39
Thanks Ankit. Understood now ..
Still is confusing why after setting the maxAge of the JSESSIONID cookie to a bigger value, we are seeing two cookies in the browser with the same name , same value ..
After browser restart there is only one and container uses it.
It's interesting

Thanks you!
Chinmaya Chowdary
Ranch Hand

Joined: Apr 21, 2008
Posts: 432
Hi, Dragos.
My question is how can we set the age for the cookie that contain the information about session id ? Is that possible? all this work is done by the container.


Try like,

I think this serves the purpose.
Dragos Nica
Ranch Hand

Joined: Oct 25, 2009
Posts: 39
This work, but at the end we have two cookies with the same name and same values.
After the browser restart, the original JSESSIONID cookie is deleted and the other one is used that it's fine and is exactly what we wanted.
The strange behavior is having 2 JSESSIONID cookies before browser restart.Is it the normal behavior?

Thanks!
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9303
    
  17

When the session is created, the container adds the JSESSIONID cookie to the response (whose age is -1). Then we add another one, that's why there are two JSESSIONID cookies. After we close the browser, the JSESSIONID cookie with -1 age is deleted and the one we set is retained because we set its age to a positive value...
Chinmaya Chowdary
Ranch Hand

Joined: Apr 21, 2008
Posts: 432
Dragos Nica wrote:This work, but at the end we have two cookies with the same name and same values.
After the browser restart, the original JSESSIONID cookie is deleted and the other one is used that it's fine and is exactly what we wanted.
The strange behavior is having 2 JSESSIONID cookies before browser restart.Is it the normal behavior?

Thanks!


I think we get only one JSESSIONID cookie. I am using Firefox 3.5 and I got only one. Please delete previous cookies, if any present, and try again.
Dragos Nica
Ranch Hand

Joined: Oct 25, 2009
Posts: 39
I cleared the browser's cookies before test it.
It is exactly how Ankit explained above.

Thanks guys for explanations
 
GeeCON Prague 2014
 
subject: Session and cookies